[Resource Topic] 2021/110: Replacing Probability Distributions in Security Games via Hellinger Distance

Welcome to the resource topic for 2021/110

Title:
Replacing Probability Distributions in Security Games via Hellinger Distance

Authors: Kenji Yasunaga

Abstract:

Security of cryptographic primitives is usually proved by assuming ideal'' probability distributions. We need to replace them with approximated real’’ distributions in the real-world systems without losing the security level. We demonstrate that the Hellinger distance is useful for this problem, while the statistical distance is mainly used in the cryptographic literature. First, we show that for preserving \lambda-bit security of a given security game, the closeness of 2^{-\lambda/2} to the ideal distribution is sufficient for the Hellinger distance, whereas 2^{-\lambda} is generally required for the statistical distance. The result can be applied to both search and decision primitives through the bit security framework of Micciancio and Walter (Eurocrypt 2018). We also show that the Hellinger distance gives a tighter evaluation of closeness than the max-log distance when the distance is small. Finally, we show that the leftover hash lemma can be strengthened to the Hellinger distance. Namely, a universal family of hash functions gives a strong randomness extractor with optimal entropy loss for the Hellinger distance. Based on the results, a \lambda-bit entropy loss in randomness extractors is sufficient for preserving \lambda-bit security. The current understanding based on the statistical distance is that a 2\lambda-bit entropy loss is necessary.

ePrint: https://eprint.iacr.org/2021/110

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .